Bitnami SonarQube for Open Telekom Cloud

Description

SonarQube is an open source tool for continuous code quality which performs automatic reviews of code to detect bugs, code smells and vulnerabilities issues for 20+ programming languages.

First steps with the Bitnami SonarQube Stack

Welcome to your new Bitnami application running on Open Telekom Cloud! Here are a few questions (and answers!) you might need when first starting with your application.

What credentials do I need?

You need two sets of credentials:

The application credentials, consisting of a username and password. These credentials allow you to log in to your new Bitnami application.

The server credentials, consisting of an SSH username and key. These credentials allow you to log in to your Open Telekom Cloud server using an SSH client and execute commands on the server using the command line.

What is the administrator username set for me to log in to the application for the first time?

How do I get my SSH key or password?

What are the default ports?

A port is an endpoint of communication in an operating system that identifies a specific process or a type of service. Bitnami stacks include several services or servers that require a port.

For security reasons, Open Telekom Cloud have some or all their ports closed. For those applications launched from the Open Telekom Cloud marketplace, make sure that the default access ports are opened. Check the how to open the server ports for remote access section to learn how to open ports in order to allow remote access to your server.

Port 22 is the default port for SSH connections.

Bitnami opens some ports for the main servers. These are the ports opened by default: 80, 443.

What is the default configuration?

The SonarQube installation folder is located in /opt/bitnami/apps/sonarqube/, which has the following contents:

Directory

Content

conf/

SonarQube's Apache configuration files.

sonarqube/

SonarQube's files.

sonarqube/bin/

SonarQube's binaries.

sonarqube/conf/

SonarQube's configuration files.

sonarqube/data/

SonarQube's data.

sonarqube/…

scripts/

Scripts to manage SonarQube's service.

Analyze your first project with SonarQube Scanner

To get started with the Bitnami SonarQube Stack and SonarQube Scanner, you can follow this two-minute quickstart guide to analyze a sample project:

Linux and Mac OS X

Download the SonarQube Scanner zip file. You can find it for all platforms on this link.

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

How to change the default administrator password?

Change the default administrator password manually

You can manually change the administrator password from the command line by following these steps:

How to access the administration panel?

Access the administration panel by browsing to http://SERVER-IP/sessions/new.

How to use the SonarQube Web API?

SonarQube provides a web API to access its functionality from applications.

All the documentation about how to use the SonarQube's web API is available by browsing to http://SERVER-IP/web_api. (SERVER-IP is a placeholder. Please, replace it with the actual domain of your SonarQube server).

Restart SonarQube using the graphical manager or the command-line script:

$ sudo /opt/bitnami/ctlscript.sh restart sonarqube

How to create a full backup of SonarQube?

Backup

The Bitnami SonarQube Stack is self-contained and the simplest option for performing a backup is to copy or compress the Bitnami stack installation directory. To do so in a safe manner, you will need to stop all servers, so this method may not be appropriate if you have people accessing the application continuously.

Follow these steps:

Change to the directory in which you wish to save your backup:

$ cd /your/directory

Stop all servers:

$ sudo /opt/bitnami/ctlscript.sh stop

Create a compressed file with the stack contents:

$ sudo tar -pczvf application-backup.tar.gz /opt/bitnami

Restart all servers:

$ sudo /opt/bitnami/ctlscript.sh start

You should now download or transfer the application-backup.tar.gz file to a safe location.

Restore

Follow these steps:

Change to the directory containing your backup:

$ cd /your/directory

Stop all servers:

$ sudo /opt/bitnami/ctlscript.sh stop

Move the current stack to a different location:

$ sudo mv /opt/bitnami /tmp/bitnami-backup

Uncompress the backup file to the original directoryv

$ sudo tar -pxzvf application-backup.tar.gz -C /

Start all servers:

$ sudo /opt/bitnami/ctlscript.sh start

If you want to create only a database backup, refer to these instructions for MySQL and PostgreSQL.

How to upgrade the Bitnami SonarQube Stack?

It is strongly recommended that you create a backup before starting the update process. If you have important data, it is advisable that you try to create and restore a backup to ensure that everything works properly.

Update the contents of the /opt/bitnami/apps/sonarqube/sonarqube/conf/sonar.properties and /opt/bitnami/apps/sonarqube/sonarqube/conf/wrapper.conf files with the settings of the related files in the sonarqube-backup/sonarqube backup directory. To do so, use an editor to modify them with the old settings (Web server URL, database, LDAP settings, …).

NOTE: Edit the settings files manually. Do not copy-paste the old files.

Restore the Apache configuration files in the new SonarQube stack. You can use the commands below. Note that the second command will restore the server SSL certificates from your previous server, so only execute this command if required.

Substitute your old installation with the new version. To do that, use the command below:

$ sudo mv ~/sonarqube-6.3.1/ /opt/bitnami/apps/sonarqube/sonarqube

Update the contents of the /opt/bitnami/apps/sonarqube/sonarqube/conf/sonar.properties and /opt/bitnami/apps/sonarqube/sonarqube/conf/wrapper.conf files with the settings of the related files in the /opt/bitnami/apps/sonarqube-backup/sonarqube/conf backup directory. To do so, use an editor to modify them with the old settings (web server URL, database, LDAP settings, etc.).

NOTE: Edit the settings files manually. Do not copy-paste the old files.

Restart SonarQube using the graphical manager or the command line script:

$ sudo /opt/bitnami/ctlscript.sh restart sonarqube

Browse to http://SERVER-IP/setup and follow the setup instructions (SERVER-IP is a placeholder that you should replace with the actual domain name or IP address of your SonarQube server).

Analyze your projects (and compute your Views if you own the Governance product) to get fresh data.

How to enable HTTPS support with SSL certificates?

NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support:

Use the table below to identify the correct locations for your certificate and configuration files.

NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names.

If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. Choose the correct directive based on your scenario and Apache version:

Variable

Value

Apache configuration file

/opt/bitnami/apache2/conf/bitnami/bitnami.conf

Directive to include (Apache v2.4.8+)

SSLCACertificateFile "/opt/bitnami/apache2/conf/server-ca.crt"

Directive to include (Apache < v2.4.8)

SSLCertificateChainFile "/opt/bitnami/apache2/conf/server-ca.crt"

NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name.

Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

How to create an SSL certificate?

OpenSSL is required to create an SSL certificate. A certificate request can then be sent to a certificate authority (CA) to get it signed into a certificate, or if you have your own certificate authority, you may sign it yourself, or you can use a self-signed certificate (because you just want a test certificate or because you are setting up your own CA).

Note that if you use this encrypted key in the Apache configuration file, it will be necessary to enter the password manually every time Apache starts. Regenerate the key without password protection from this file as follows:

How to debug Apache errors?

Once Apache starts, it will create two log files at /opt/bitnami/apache2/logs/access_log and /opt/bitnami/apache2/logs/error_log respectively.

The access_log file is used to track client requests. When a client requests a document from the server, Apache records several parameters associated with the request in this file, such as: the IP address of the client, the document requested, the HTTP status code, and the current time.

The error_log file is used to record important events. This file includes error messages, startup messages, and any other significant events in the life cycle of the server. This is the first place to look when you run into a problem when using Apache.

How to upload files to the server with SFTP?

Although you can use any SFTP/SCP client to transfer files to your server, the link below explains how to configure FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X). It is required to use your server's private SSH key to configure the SFTP client properly. Choose your preferred application and follow the steps in the link below to connect to the server through SFTP.

Settings Encryption

SonarQube provides a mechanism to encrypt the settings, which is very useful for removing clear passwords and credentials from the configuration files.

By default, these settings are not encrypted in the Bitnami SonarQube Stack. It is strongly recommended to encrypt them in order to enforce the security of your application. Please folllow the steps described at SonarQube's official Encryption documentation in order to do so.

In order to configure outbound email, follow the steps below:

Log in to the SonarQube dashboard and click on the "Administration" tab.

Browse to the "Configuration -> General settings -> General" menu.

Under the "Email" section, fill out the required information. The settings below configure SonarQube to send emails through a Gmail account. Replace USERNAME and PASSWORD with your Gmail account username and password, respectively.